../E48259-02.epub /> ../E48259-02.mobi />

2 Installing the RUEI Software

This chapter describes the prerequisites and procedure for installing each of the RUEI components. The procedure for upgrading an existing RUEI 11.1 installation to release 12.1 is described in Chapter 3, "Upgrading to RUEI 12.1.0.4". The post-installation configuration procedure is described in Chapter 5, "Configuring RUEI".

2.1 Prerequisites

This section describes the steps that should be taken before starting to install the RUEI software. Ensure that all preconditions described in this section are met before proceeding with the installation process.

2.1.1 Planning the Software Installation Location

Depending on the installation location of the Reporter database and the RUEI software, the necessary disk space needs to be carefully planned. During operating system installation, you will need this information at hand for the disk partitioning phase.

Table 2-1 shows the disk space requirements for the RUEI installation components.

Table 2-1 Required Disk Space Specifications

Partition Min. Required Disk Space (GB) Component

ORACLE_BASE (default /u01/app/oracle)Foot 1 

500

Database server

RUEI_HOME (default /opt/ruei)

5

Reporter, Collector

RUEI_DATA (default /var/opt/ruei/)

100

Reporter, Collector


Footnote 1 This is the example database location used throughout this guide.

This means that for a stand-alone RUEI server installation, a minimum of 700 GB is required. In the case of a high-traffic implementation, involving a dedicated remote Collector, a minimum of 200 GB of disk space is recommended for /var/opt/ruei (RUEI_DATA).

Important:

The Reporter and database servers require high-performance data storage. RAID-10 or RAID-5 (or equivalent) storage configurations with high-performance disks are strongly recommended.

2.1.2 Configuring the Network Interface

  1. Ensure that a static IP address is assigned to the interface used to access the RUEI web interface. In addition, the assigned IP address and host name should be configured in the /etc/hosts file. If necessary, ensure that all Reporter, Collector, and Processing Engine systems are correctly defined in the DNS system.

  2. Ensure that the network interface(s) used for network packet monitoring are administratively up, but without an IP address.

    Important:

    Make the network interface up status permanent (after a reboot) by setting the ONBOOT parameter of the capturing interfaces to yes. The network interfaces configuration can be found in the /etc/sysconfig/networking/devices/ifcfg-ethX file (where X represents the necessary network interface). Alternatively, use the graphical utility system-config-network to perform the above actions.

2.1.3 Operating System Security Configuration

When the system boots for the first time, a post-installation wizard appears, and allows you to finalize the operating system configuration settings. Ensure that:

  1. The RUEI firewall rules shown in Table 1-7 are correctly configured.

  2. Security Enhanced Linux (SELinux) is disabled. This is necessary for the correct operation of RUEI. Note that changing the SELinux setting requires rebooting the system so that the entire system can be relabeled.

  3. For security reasons, it is strongly recommended that you check the Encrypt System check box during operating system installation so that all sensitive data is stored in a secure manner. A passphase is required during booting the system.

2.1.4 Verify NTP Daemon Operation

Ensure that the date and time settings are correctly specified. The use of NTP is strongly recommended, and is required in a split-server deployment. In addition, all time zones specified for Reporter, Collector, and Processing Engine systems must be identical.

Because the NTP daemon is a critical component of RUEI, especially in a split server configuration, it is recommended that you verify that it is activated in at least run level 5 during boot. Use the following commands:

/sbin/chkconfig --list | grep ntpd
ntpd     0:off   1:off   2:off   3:off   4:off   5:off   6:off
/sbin/chkconfig ntpd on
/sbin/chkconfig --list | grep ntpd
ntpd     0:off   1:off   2:on    3:on    4:on    5:on    6:off
/etc/init.d/ntpd start
Starting ntpd:                                     [  OK  ]

Note that if the NTP daemon is not already running, you can start it by issuing the following command:

/etc/init.d/ntpd restart

The following sample output shows when the NTP daemon is synchronized (indicated by an "*").

ntpq -pn
       remote           refid      st t when poll reach   delay   offset  jitter
  ==============================================================================
  *194.171.167.130     .PPS.         1 u 994 1024 377     6.429   0.041   0.093
  +80.85.129.25        130.235.20.3  3 u 725 1024 377     4.435   0.673   0.129
  +82.94.235.106       135.81.191.59 2 u 678 1024 377     1.709   1.774   0.020
   127.127.1.0         .LOCL.       10 l   8   64 377     0.000   0.000   0.001

Important:

In distributed environments, all time zones specified for Reporter, Collector, and Processing Engine systems must be identical.

2.1.5 Installing the RUEI Prerequisites

Note that the procedure described in this section is only required for a Reporter system. The procedure depends on whether you are using RedHat Enterprise/Oracle Linux 5.x or 6.x, and is described in the following sections.

2.1.5.1 RedHat Enterprise/Oracle Linux 5.x

  1. The required packages are available from the RedHat Enterprise/Oracle Linux distribution sets. Issue the following command to install all prerequisites for the Reporter:

    rpm -Uhv httpd-2.2.3-*.el5.x86_64.rpm \
    libpcap-0.9*.x86_64.rpm \
    apr-1.2.7-11.*.x86_64.rpm \
    apr-util-1.2.7-*.x86_64.rpm \
    php-5.1.6-*.x86_64.rpm \
    mod_ssl-2.2.3-*.el5.x86_64.rpm \
    distcache-1.4.5-*.x86_64.rpm \
    php-common-5.1.6-*.x86_64.rpm \
    php-cli-5.1.6-*.x86_64.rpm \
    php-mbstring-5.1.6-*.x86_64.rpm \
    php-soap-5.1.6-*.x86_64.rpm \
    php-ldap-5.1.6-*.x86_64.rpm \
    gmp-4.1.4-*.el5.x86_64.rpm \
    postgresql-libs-8.1.11-*.el5_1.1.x86_64.rpm \
    lm_sensors-2.10.7-*.el5.x86_64.rpm \
    net-snmp-5.3.2.2-*.el5.x86_64.rpm \
    net-snmp-utils-5.3.2.2-*.el5.x86_64.rpm \
    perl-XML-Twig-3.26-*.fc6.noarch.rpm \
    perl-XML-Parser-2.34-*.x86_64.rpm
    
  2. Issue the following command to install all optional fonts. Alternatively, install the multi-byte character sets necessary to meet your NLS requirements.

    rpm -Uhv fonts-*
    

2.1.5.2 RedHat Enterprise/Oracle Linux 6.x

  1. The required packages are available from the RedHat Enterprise/Oracle Linux 6.x distribution sets. Issue the following command to install all prerequisites for the Reporter:

    rpm -Uvh libpcap-1.0.0-*.x86_64.rpm \
    apr-1.3.9-*.x86_64.rpm \
    apr-util-1.3.9-*.x86_64.rpm \
    php-5.3.3-*.x86_64.rpm \
    mod_ssl-2.2.15-*.x86_64.rpm \
    php-common-5.3.3-*.x86_64.rpm \
    php-cli-5.3.3-*.x86_64.rpm \
    php-soap-5.3.3-*.x86_64.rpm \
    php-ldap-5.3.3-*.x86_64.rpm \
    hdparm-9.16-*.x86_64.rpm \
    libpcap-1.0.0-*.x86_64.rpm \
    gmp-4.3.1-*.x86_64.rpm \
    lm_sensors-3.1.1-*.x86_64.rpm \
    net-snmp-5.5-*.x86_64.rpm \
    net-snmp-libs-5.5-*.x86_64.rpm \
    net-snmp-utils-5.5-*.x86_64.rpm \
    perl-XML-Twig-3.34-*.noarch.rpm \
    perl-XML-Parser-2.36-*.x86_64.rpm \
    ksh-20100621-*.x86_64.rpm \
    rsync-3.0.6-*.x86_64.rpm \
    openssl098e-0.9.8e-*.x86_64.rpm \
    wget-1.12-*x86_64.rpm \
    bc-1.06.95-*.x86_64.rpm \
    bind-utils-9.7.3-*.x86_64.rpm
    
  2. Issue the following command to install all optional fonts. Alternatively, install the multi-byte character sets necessary to meet your NLS requirements.

    rpm -Uhv *-fonts*
    

2.1.6 Installing All Requirements Using a Yum Repository (Alternative)

As an alternative to manual installation (described in the previous section), you can use a Yum repository to install the required RPMs. This requires a working Yum repository. Information about Yum repositories is available at the following location:

http://linux.duke.edu/projects/yum/

The procedure depends on whether you are using RedHat Enterprise/Oracle Linux 5.x or 6.x, and is described in the following sections.

2.1.6.1 RedHat Enterprise/Oracle Linux 5.x

  1. Install the necessary Reporter packages using the following commands:

    yum -y install perl-URI
    yum -y install perl-XML-Twig
    yum -y install net-snmp-utils
    yum -y install sendmail-cf
    yum -y install httpd
    yum -y install mod_ssl
    yum -y install php
    yum -y install php-mbstring
    yum -y install php-ldap
    yum -y install php-soap
    yum -y install librsvg2
    yum -y install xorg-x11-xinit
    
  2. Issue the following command to install all optional fonts. Alternatively, install the multi-byte character sets necessary to meet your NLS requirements.

    rpm -Uhv fonts-*
    

2.1.6.2 RedHat Enterprise/Oracle Linux 6.x

Install the necessary Reporter packages using the following commands:

yum -y install perl-URI
yum -y install perl-XML-Twig
yum -y install net-snmp-utils
yum -y install sendmail-cf
yum -y install httpd
yum -y install mod_ssl
yum -y install php
yum -y install php-ldap
yum -y install php-soap
yum -y install librsvg2
yum -y install xorg-x11-xinit
yum -y install rsync
yum -y install ksh
yum -y install openssl098e
yum -y install *-fonts
yum -y install wget 
yum -y install bc 
yum -y install bind-utils
yum -y install hdparm
yum -y install libpcap

2.1.7 Oracle Database Installation

Download and install Oracle Database 11g Enterprise Edition from the Oracle database home page at the following location:

http://www.oracle.com/technology/software/products/database/index.html

The procedure for installing the Oracle database is fully described in the product documentation. It is strongly recommended that you download and review the appropriate Oracle Database 11g Quick Installation Guide. It is available from the Oracle Database Documentation Library. A summary of this procedure is described in Appendix A, "Installing the Oracle Database Software". Note that the path, user, and group names used in this guide are based on the Oracle database product documentation.

Note:

While RUEI is supported on Oracle Database releases 11.1.1.0.7 and later, the best performance for RUEI 12.1.0.4 is achieved with Oracle Database 11gR2.

2.2 Obtaining the RUEI Software

The RUEI software is available from the Oracle E-Delivery web site (http://edelivery.oracle.com). Select the following media pack criteria:

  • Oracle Enterprise Manager

  • Linux x86-64

2.3 Unpacking the RUEI Software

Copy the downloaded RUEI zip file to /root directory on the server, and unzip it. Use the following commands:

cd /root
unzip package_name.zip

The following directories are created which contain the software required to complete the RUEI installation:

  • /root/RUEI/121

  • /root/RUEI/ZendOptimizer

  • /root/RUEI/ZendGuardLoader

  • /root/RUEI/IC

  • /root/RUEI/PHP

  • /root/RUEI/Java

  • /root/RUEI/extra

2.4 Generic Installation Tasks

All steps described in this section must be performed regardless of your planned installation (that is, a Reporter with local database, a Reporter with remote database, a Processing Engine, or a Collector).

2.4.1 The RUEI Configuration File

The /etc/ruei.conf file specifies the settings used within your installation. A template of this file is provided in the /root/RUEI/extra directory of the RUEI distrubution zip. Note that all components in your RUEI environment (such as the remote database and Collectors) require the same global /etc/ruei.conf configuration file. Note that there is one exception to this requirement, and that is for Processing Engine systems. This requirement is fully described in Chapter 7, "Installing Processing Engines". The settings shown in Table 2-2 are defined.

Table 2-2 RUEI Configuration Settings

Setting Description ValueFoot 1 

RUEI_HOMEFootref 2

Home directory of the RUEI software.

/opt/ruei

RUEI_DATAFoot 2 

Directory for RUEI data files.

/var/opt/ruei

RUEI_USER

The RUEI operating system user.

moniforce

RUEI_GROUP

The RUEI operating system group.

moniforce

RUEI_DB_INSTFoot 3 

The database instance name.

ux

RUEI_DB_USERFoot 4 

The database user name.

UXINSIGHT

RUEI_DB_TNSNAMEFoot 5 

The Reporter or Processing Engine database connect string.

uxinsight

RUEI_DB_TNSNAME_CFGFoot 6 

The Reporter database connect string.

$RUEI_DB_TNSNAME or config

RUEI_DB_TNSNAME_BIFootref 4

The export database connect string.

uxinsight

RUEI_DB_TNSNAME_EMFoot 7 

The Oracle Enterprise Manager database connect string.

 

TZFoot 8 

The PHP timezone setting.

Europe/Amsterdam


Footnote 1 Be aware that all variables specified in this table are the values used throughout this guide, and can be modified as required.

Footnote 2 The directory name cannot exceed 50 characters in length.

Footnote 3 The database instance name cannot exceed 8 characters in length.

Footnote 4 The database user name cannot exceed 30 characters in length.

Footnote 5 The alias name cannot exceed 255 characters in length.

Footnote 6 RUEI_DB_TNSNAME is the default for a Reporter system. For a Processing Engine, the example value config is used in this guide.

Footnote 7 Necessary when you want to integrate your RUEI deployment with Oracle Enterprise Manager's Incident Manager facility (see Appendix D, "Setting up a Connection to the Enterprise Manager Repository").

Footnote 8 This should be the appropriate timezone setting, and must be valid for both Linux and PHP. For Linux, you can use the tzselect utility, and for PHP use the following location: http://www.php.net/manual/en/timezones.php.

Important

Be aware that the RUEI_HOME, RUEI_DATA, RUEI_USER and RUEI_GROUP settings described in Table 2-2 must be specified in terms of literal values. Therefore, the following is not permitted:

RUEI_BASE=/my/ruei/dir
export RUEI_HOME=$RUEI_BASE/home

Note:

If you change settings in /etc/ruei.conf after the installation of a RUEI system, you must restart system processing to make these changes effective (System > Maintenance > System reset > Restart system processing).

Failover Reporter Configuration Settings

Table 2-3 shows the settings that are used to configure a failover Reporter, and are only relevant to Reporter systems. See Chapter 8, "Configuring a Failover Reporter System" for information on the configuration procedure.

Table 2-3 RUEI Failover Reporter Configuration Settings

Setting Description

RUEI_REP_FAILOVER_PRIMARY_IP

The primary Reporter IP address.

RUEI_REP_FAILOVER_STANDBY_IP

The secondary Reporter IP address.

RUEI_REP_FAILOVER_VIRTUAL_IP

The virtual Reporter IP address.

RUEI_REP_FAILOVER_VIRTUAL_DEV

The network interface used to connect to the virtual Reporter IP address.

RUEI_REP_FAILOVER_VIRUAL_MASK

The network mask of the virtual Reporter IP address.


Failover Collector Configuration Settings

Table 2-4 shows the settings that are used to configure a failover Collector, and are only relevant to Collector systems. See Chapter 9, "Configuring a Failover Collector System" for information on the configuration procedure.

Table 2-4 RUEI Failover Collector Configuration Settings

Settings Description

RUEI_COL_FAILOVER_PRIMARY_IP

The primary Collector IP address.

RUEI_COL_FAILOVER_STANDBY_IP

The secondary Collector IP address.

RUEI_COL_FAILOVER_VIRTUAL_IP

The virtual Collector IP address.

RUEI_COL_FAILOVER_VIRTUAL_DEV

The network interface used to connect to the virtual Collector IP address.

RUEI_COL_FAILOVER_VIRTUAL_MASK

The network mask of the virtual Reporter IP address.


There is no need to change the settings for JAVA_HOME and INSTANTCLIENT_DIR if you intend to use the software contained on the RUEI distribution pack.

  1. Create the moniforce group and user. The home directory of moniforce should be set to /var/opt/ruei, with read permissions for group members.

    /usr/sbin/groupadd moniforce
    /usr/sbin/useradd moniforce -g moniforce -d /var/opt/ruei
    chmod -R 750 /var/opt/ruei
    chown -R moniforce:moniforce /var/opt/ruei
    
  2. An example of the configuration file is included in the RUEI distribution pack. Ensure the file is readable by the RUEI_USER user by issuing the following commands:

    cp /root/RUEI/extra/ruei.conf /etc/
    chmod 644 /etc/ruei.conf
    chown moniforce:moniforce /etc/ruei.conf
    

In case of a remote Reporter database installation, the ruei.conf file needs to be identical to that of the Reporter system.

2.4.2 Installing Java

For Reporter, Collector, and Processing Engines systems, you need to install the Java Runtime Environment (JRE). Java is bundled within the RUEI distribution pack.

  1. Issue the following commands:

    cd /usr/java
    tar xzf /root/RUEI/Java/jre-7u9-linux-x64.tar.gz
    

    Note you are prompted to accept the Java licence agreement. You cannot continue until you have done so.

  2. This installs the necessary Java software in the directory /usr/java/jre1.7.0_25. To make the install directory version independent, create a more generic symlink using the following command:

    ln -s /usr/java/jre1.7.0_25 /usr/java/jre
    

2.5 Remote Collector Installation

The procedure described in this section is only relevant to remote Collector systems.

Logon to the Collector system as the root user, and do the following:

  1. Create the RUEI application root directory using the following commands:

    mkdir -p /opt/ruei
    chmod 750 /opt/ruei
    
  2. Change to the RUEI root directory and run the ruei-install.sh script using the following commands:

    cd /root/RUEI/121
    chmod +x ruei-install.sh ruei-check.sh
    ./ruei-install.sh collector
    

    As the root user, add the following lines to the .bash_profile file of the RUEI_USER (RUEI_DATA/.bash_profile):

    source /etc/ruei.conf 
    source $RUEI_HOME/bin/env.sh 
    
  3. In addition to the actions described above, you need to configure the network interfaces. This is described in Section 2.7, "Configuring the Network Interface". Moreover, you also need to setup a password-less remote login from the Reporter system to the newly created Collector system. The necessary configuration steps are described in Section 2.12, "Configuring Reporter Communication (Split-Server Setup Only)".

2.6 Reporter Installation

This section describes the procedure for installing the required components for a Reporter system. These include the Apache web server, the Oracle database Instant Client, and the Zend Optimizer (or Zend Guard Loader).

2.6.1 Installing the Apache Web Server and PHP

This section describes the installation and configuration of the Apache web server, and the components that use it.

2.6.1.1 PHP Configuration

  1. Ensure that the web server starts automatically after re-boot by issuing the following command:

    /sbin/chkconfig httpd on
    
  2. Edit the /etc/sysconfig/httpd file to include the following line at the bottom of the file:

    source /etc/ruei.conf
    
  3. Create the following settings in the /etc/php.d/ruei.ini file:

    session.gc_maxlifetime = 14400
    memory_limit = 96M
    upload_max_filesize = 128M
    post_max_size = 128M 
    

2.6.1.2 Avoiding RSVG Warnings

RUEI uses RSVG for graph generation. In order to avoid warnings about a missing directory, create the empty .gnome2 directory using the following command:

mkdir -p /var/www/.gnome2

2.6.1.3 Securing Apache Web Server

In order to protext sensitive data on RUEI, it is strongly recommended that access to the Reporter interface is restricted to HTTPS. This can be achieved by executing the following command as the root user:

sed -i -e 's/^Listen 80/#Listen 80/' /etc/httpd/conf/httpd.conf

2.6.1.4 PHP Multibyte Character Support

This section only applies to RedHat Enterprise/Oracle Linux 6.x. You need to install the php-mbstring RPM version on the distribution set relevant to your operating system. For example:

cd /root/RUEI/PHP/OL6
rpm -Uhv php-mbstring-5.3.3-version.x86_64.rpm 

Updates and patches of php-mbstring can be found here:

http://public-yum.oracle.com/repo/OracleLinux/OL6/

2.6.2 Installing the Oracle Database Instant Client

Install the Oracle database Instant Client and SQLplus extension by issuing the following commands as the root user:

cd /root/RUEI/IC
rpm -Uhv oracle-instantclient11.2-basic-11.2.0.3.0-1.x86_64.rpm
rpm -Uhv oracle-instantclient11.2-sqlplus-11.2.0.3.0-1.x86_64.rpm

2.6.3 Installing the php-oci8 Module

Install the php-oci8 module (this is part of the RUEI distribution set). Note that the procedure differs depending on whether you are using RedHat Enterprise/Oracle Linux 5.x or 6.x.

RedHat Enterprise/Oracle Version 5.x

Issue the following commands:

cd /root/RUEI/PHP/OL5
rpm -Uhv php-oci8-11gR2-5.1.6-27.el5_7.4.x86_64.rpm

Note that if you are using a version of RedHat Enterprise/Oracle Linux prior to 5.7, you should use php-oci8-11gR2-5.1.6-27.el5.x86_64.rpm. This is also shipped with the RUEI distribution set.

RedHat Enterprise/Oracle Version 6.x

Issue the following commands:

cd /root/RUEI/PHP/OL6
rpm -Uhv php-oci8-11gR2-5.3.3-4.el6.x86_64.rpm

2.6.4 Installing the Zend Decoder

If you are installing on RedHat Enterprise/Oracle Linux version 5.x, you will need to install the Zend Optimizer. If you are installing on version 6.x, you need to install the Zend Guard Loader. The procedure is described in the following sections.

2.6.4.1 Installing the Zend Optimizer (version 5.x)

Go to the directory containing the Zend Optimizer code, unpack the tar file, and run the Zend optimizer installer. Read the license agreement. You will not be able to proceed until you have accepted the license terms. Accept all default settings, and allow the installer to restart the Apache web server. Issue the following commands:

cd /root/RUEI/ZendOptimizer
tar zxvf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
cd ZendOptimizer-3.3.3-linux-glibc23-x86_64
./install

Note:

If you upgrade your system packages (for example, using Yum), this can overwrite changes you previously made to the /etc/php.ini file. Therefore, you should be prepared to re-install the Zend Optimizer. When doing so, ensure the Zend Optimizer installer indicates the location of the php.ini file as /etc/php.ini and not /usr/local/Zend/etc/php.ini.

Important: it is recommended you move the Zend configuration lines created in the /etc/php.ini file to the RUEI-specific PHP configuration file /etc/php.d/ruei.ini to prevent PHP upgrade issues. If you performed a default installation of the Zend Optimizer, this involves moving the following lines:

[Zend]
zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.3
zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3
zend_optimizer.version=3.3.3

zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so
zend_extension_ts=/usr/local/Zend/lib/ZendExtensionManager_TS.so

2.6.4.2 Installing the Zend Guard Loader (version 6.x)

Go to the directory containing the Zend Guard Loader code, unpack the tar file, copy the required module to the Reporter system, and set it permissions. Issue the following commands:

cd /root/RUEI/ZendGuardLoader
tar xvf ZendGuardLoader-php-5.3-linux-glibc23-x86_64.tar.gz
cp ZendGuardLoader-php-5.3-linux-glibc23-x86_64/php-5.3.x/ZendGuardLoader.so \
/usr/lib64/php/modules/
chown root:root /usr/lib64/php/modules/ZendGuardLoader.so
chmod 755 /usr/lib64/php/modules/ZendGuardLoader.so

Add the following lines to the /etc/php.d/ruei.ini file:

zend_extension=/usr/lib64/php/modules/ZendGuardLoader.so
zend_loader.enable=1
; Disable license checks (for performance reasons)
zend_loader.disable_licensing=0
; The Obfuscation level supported by Zend Guard Loader. The levels are detailed in
; the official Zend Guard Documentation. 0 - no obfuscation is enabled
zend_loader.obfuscation_level_support=3
; For more information on how to create a license file, see the Zend Guard User
; Guide

Important: because the Zend Guard Loader does not handle garbage collection very well, it must be disabled by including the following line in the /etc/php.d/ruei.ini file:

zend.enable_gc = Off

Be aware that this disables garbage collection for all PHP-based applications running on the Reporter system.

2.6.5 Creating the Reporter Database Instance

The procedure described in this section should be skipped if you are installing a secondary (failover) Reporter system (see Chapter 8, "Configuring a Failover Reporter System"), and you should continue at Section 2.6.6, "Installation of the Reporter Software".

The Reporter database can reside either locally (that is, on the Reporter server) or on a remote database server. In this section you will create the database instance required for RUEI, and generate the "connection data" required for the Reporter to connect to this database instance. As an alternative for the database setup described in this chapter, you can follow the procedure described in Appendix B, "Generic Database Instance Setup".

You will need the following scripts to be present on the system where the database instance (RUEI_DB_INST) will be created:

  • ruei-prepare-db.sh: creates the database instance, Oracle wallet, and database connect files. Note that this script will only run on Linux. If you are installing the Oracle database on a different operating system, see Appendix B, "Generic Database Instance Setup" for more information.

  • sql_scripts: this directory contains a number of SQL scripts that are called by the ruei-prepare-db.sh script.

  • ruei-check.sh: this is a hardware and environment check utility, and is automatically invoked by ruei-prepare-db.sh. The script can also be used as a stand-alone troubleshooting utility. For a complete description of the script, refer to Appendix E, "The ruei-check.sh Script".

The four "connection data" files created during the procedure described in this section are as follows:

  • cwallet.sso

  • ewallet.p12

  • sqlnet.ora

  • tnsnames.ora

The RUEI configuration file (/etc/ruei.conf) also needs to be present on the database server and configured as described in Section 2.4.1, "The RUEI Configuration File".

Do the following:

  1. Copy the ruei-prepare-db.sh and ruei-check.sh scripts, and the sql_scripts directory to the server on which you intend to run the database instance, and make them executable for the oracle user. These scripts can be found in the RUEI distribution zip (/root/RUEI/121).

  2. Review the settings in the /etc/ruei.conf file to match your needs as described in Section 2.4.1, "The RUEI Configuration File".

  3. Logon to the database server as the oracle user on the database server, and set the ORACLE_HOME environment variable. You need to run the ruei-prepare-db.sh script as the oracle user. This script creates the $RUEI_DB_INST database, but only after a number of hardware and software environment checks have been performed. The actual checks performed depend on the system type you are currently installing.

    The script prompts you for the Reporter database user passwordFoot 1 . This enables the RUEI application to login to the database automatically. The script also creates the "connection data" files for you now.

    Issue the following commands:

    chmod +x ruei-prepare-db.sh ruei-check.sh
    chmod -R +r /home/oracle/sql_scripts/
    export ORACLE_HOME=/u01/app/oracle/product/11.2.0/dbhome_1Foot 2 
    ./ruei-prepare-db.sh create
    

    Note that you are prompted whether you want the installation script to check your system. It is recommended that you do so. The checks performed are fully described in Appendix E, "The ruei-check.sh Script".

    If you ran the above commands on a combined Reporter/Database server, you can skip step 4 and proceed to step 5.

  4. This step only applies when using a remote database.

    In the case of a Reporter system using a remote database, you will need to copy the generated /tmp/ruei-database-configuration.tar file in step 3 from the database server to the Reporter system. The /tmp/ruei-database-configuration.tar file must be extracted on the Reporter server in the directory /var/opt/ruei (RUEI_DATA). The permissions of the files need to be set so that the specified RUEI_USER (moniforce) can use them.

    Copy the generated .tar file, which holds connection data files to the Reporter system. Logon to the Reporter server and extract the .tar file using the following commands:

    cd /var/opt/ruei
    tar xvf path-to-tar-file/ruei/database-configuration.tar
    chown moniforce:moniforce cwallet.sso ewallet.p12 sqlnet.ora tnsnames.ora
    
  5. Because logging of the database can consume a large amount of disk space, it is recommended that you install a clean-up script to avoid the usage of unnecessary disk space. Copy the (example) script to the oracle user directory and activate it via cron using the following commands:

    mkdir -p /home/oracle/bin
    cp /root/RUEI/extra/ruei-clean.sh /home/oracle/bin
    chmod +x /home/oracle/bin/ruei-clean.sh
    su - oracle -c 'echo "10 0 * * * /home/oracle/bin/ruei-clean.sh" | crontab'
    

2.6.6 Installation of the Reporter Software

  1. The RUEI directory locations are flexible. Therefore, it is necessary to use the exact directory name described as configured in the /etc/ruei.conf file. Create the RUEI application root directory using the following commands:

    mkdir -p /opt/ruei
    chmod 750 /opt/ruei
    

    Note:

    The specified $RUEI_HOME and $RUEI_DATA directories must have 750 permissions defined for them.
  2. Make the apache and moniforce members of two additional groups using the following commands:

    /usr/sbin/usermod -aG moniforce apache
    /usr/sbin/usermod -aG uucp apache
    /usr/sbin/usermod -aG uucp moniforce
    
  3. Go to the directory that holds the RUEI software, and install the RUEI packages. You can specify reporter or collector to the ruei-install.sh script depending on the required installation:

    cd /root/RUEI/121
    chmod +x ruei-install.sh
    ./ruei-install.sh reporter
    
  4. Re-start the Apache web server using the following command:

    /sbin/service httpd restart
    
  5. As the root user, add the following lines to the .bash_profile file of the RUEI_USER (RUEI_DATA/.bash_profile):

    source /etc/ruei.conf
    source $RUEI_HOME/bin/env.sh
    
  6. Verify that the RUEI software was correctly installed by issuing the following command:

    ./ruei-check.sh postinstall
    
  7. This step should not be performed if you are installing a secondary (failover) Reporter system (see Chapter 8, "Configuring a Failover Reporter System"). You should continue at Section 2.7, "Configuring the Network Interface".

    As the moniforce user, set the RUEI admin user password to enable logging onto the RUEI interface with the following commands:

    su - moniforce
    set-admin-password
    

    You are prompted to enter and confirm the password.

Password Requirements

When defining the admin user password, bear the following in mind:

  • The password must have at least eight characters, and contain at least one non-alphanumeric character (such as $, @, &, and !).

  • The initial password must be changed within seven days.

  • The user name and password are case sensitive.

2.7 Configuring the Network Interface

This section is only relevant to Collector systems.

Make the monitoring network interface up status permanent (after a reboot) by setting the ONBOOT parameter of the capturing interfaces to yes in the interface configuration files. The network interfaces configuration can be found in the /etc/sysconfig/network-scripts/ifcfg-ethX file (where X represents the necessary network interface). Alternatively, use the graphical utility system-config-network to set the appropriate interfaces to "activate device when computer starts".

2.8 Enabling International Fonts (Optional, but Recommended)

This section is only relevant to the Reporter system.

For PDF generation with international character content, additional fonts are required to be enabled. These fonts need to be made available to Java. Use the following command to copy (or move) the RUEI-installed fonts to the appropriate Java directory:

cp RUEI_HOME/bi-publisher/fonts/* \
/usr/java/jre/lib/fonts/

2.9 Mail (MTA) Configuration (Optional, Reporter Only)

This section is only relevant to the Reporter system.

RUEI assumes a working local MTA for sending PDF reports and E-mail alerts. By default, Linux uses the Sendmail MTA. By default, Sendmail delivers the E-mail directly to the destination MTA. If this behavior is not according to your needs or policies, sending mail via a SmartHost (relay) might be an alternative. To configure a SmartHost in Sendmail, do the following:

  1. Install the Sendmail configuration utility by going to the directory containing the uploaded RPM and issuing the following command for RedHat Enterprise/Oracle Linux 5.x:

    rpm -Uhv sendmail-cf-8.13.8-*.el5.x86_64.rpm
    

    In RedHat Enterprise/Oracle Linux 6.x, issue the following command:

    rpm -Uhv sendmail-cf-8.14.4-*.el6.x86_64.rpm
    
  2. Find the line which contains the Smart Host setting in /etc/mail/sendmail.mc. Modify the SMART_HOST setting to your needs. For example:

    define('SMART_HOST', 'my.example')dnl
    
  3. Generate the new configuration into a new sendmail.cf by executing the following command:

    make -C /etc/mail
    
  4. Restart Sendmail. For example:

    /etc/init.d/sendmail restart 
    

Note:

Extensive information about the configuration of the Sendmail MTA is available at http://www.sendmail.org.

2.10 SNMP (Reporter Only)

You can download the RUEI MIB definition file through the Reporter interface. This definition file can then be added to your SNMP manager. The procedure for downloading the MIB file is described in the Oracle Real User Experience Insight User's Guide.

2.10.1 Configuring SNMP for RUEI

To enable the RUEI_USER to use the SNMP utilities, complete the following (applies to OL6, not OEL5):

  1. As the root user, edit the snmpd config file in /etc/sysconfig/snmpd and make sure the 'OPTIONS' line is not commented out by removing the '#' at the start of the line.

  2. Add the following option to the line:

    -u RUEI_USER
    
  3. As the root user, start and stop the snmpd daemon to have it set the correct permissions on all related files by issuing the following commands:

    service snmpd start
    service snmpd stop
    

2.11 Configuring Automatic Browser Redirection (Optional)

This section is only relevant to Reporter systems.

To have the browser automatically redirected to the correct RUEI path, create the file /var/www/html/index.html with the following content:

                   <head>
                   <meta http-equiv="REFRESH" content="0;URL=/ruei/">
                   </head>

2.12 Configuring Reporter Communication (Split-Server Setup Only)

This section is only relevant to a Reporter system with remote Collector(s).

A password-less SSH connection must be setup between the Moniforce user from the Reporter system to each Collector system. Do the following:

  1. Logon to the Reporter server as root. Issue the following commands:

    su - moniforce
    ssh-keygen -P ""
    

    Press Enter to accept the defaults.

  2. Logon as root to each of the Collector systems and become the moniforce user by issuing the following command:

    su - moniforce
    
  3. Create the .ssh directory (if it does not already exist) for the moniforce user on each Collector system by issuing the following commands:

    mkdir ~/.ssh
    chmod 700 ~/.ssh
    
  4. Copy the SSH key on the Reporter system to the required location on the Collector system by issuing the following commands:

    cd ~/.ssh
    ssh root@Reporter cat /var/opt/ruei/.ssh/id_rsa.pub >> authorized_keys
    

    (you will need to specify the Reporter system root password)

    chmod 600 authorized_keys
    
  5. Check that it is now possible to execute a remote command (as moniforce user) on the Reporter system without using a password. For example:

    • Logon as root on the Reporter server.

    • Logon as moniforce user: su - moniforce.

    • Execute a remote pwd command: ssh Collector pwd.

    • Enter yes to the question "Are you sure you want to continue connecting (yes/no)?".

    • The command should return /var/opt/ruei.

  6. The above steps must be performed for each Collector!

    Note:

    If the connection between the Reporter and the Collector(s) has not been correctly configured, you will receive an authorization error when you try to register the remote Collector.

2.13 Verifying Successful Installation of RUEI

On completion of the Initial Setup Wizard (described in Section 5.2, "Performing Initial RUEI Configuration"), you can verify your installation by selecting System, then Status. All system indicators should report OK. Note Status notification will indicate "Unknown" because no system alerts have yet been configured. This is fully described in the Oracle Real User Experience Insight User's Guide.



Footnote Legend

Footnote 1: The database password is also used as the Oracle wallet password. Both passwords must be 8-30 characters in length, and contain both numbers and letters. For information on changing the Oracle wallet password, please consult the appropriate Oracle documentation.
Footnote 2: This line requires customization based on your database version and installation path.